The browser has become a popular attack vector for implanting code on computer operating systems. Equally critical, important sessions, such as online banking, must be protected from cross-site attacks from other concurrent sessions. In this work we describe an approach using lightweight virtualization to create a safe browsing environment, called SafeFox, to protect both the host and important browsing sessions from malicious Web content. With SafeFox, the browser runs in its own virtual environment (VE) with its own process namespace, file system, and IP address; furthermore, when browsing to a secure bookmarked site, SafeFox automatically creates a new isolated lightweight VE for that site. In this paper, we present the architecture for SafeFox and demonstrate its low-overhead approach while analyzing its security properties. While the native platform of SafeFox is Linux, we have created a SafeFox virtual appliance to run on multiple platforms, i...
Jiang Wang, Yih Huang, Anup K. Ghosh